Our organization sends employees to some dangerous areas, and we're considering the use of RFID microchip implants...
to track their whereabouts and help ensure their safety. From an information security perspective, what are the benefits and potential threats associated with microchip implants or RFID tags on employees?
This sounds like a misconception about the current state of RFID implant technology. The implants can certainly be used to identify a human and potentially to unlock a medical record, for example. But I'm not aware of RFID implants that have GPS tracking capabilities, so it's not clear that this approach would meet such requirements -- unless these "dangerous areas" have RFID readers every 30 feet or so.
But that's just the tip of the iceberg. The privacy ramifications of implanting anything into an employee are quite serious. The employee may voluntarily agree to this tactic, since he or she believes it may increase safety, but it introduces serious data security risks.
For example, if the RFID database is hacked, all of the information about that employee is subject to compromise. If medical records or perhaps location information (in the event that technology emerges) are linked to the tag, there is substantial risk to not only the enterprise, but also to the individuals.
I'm afraid this is a slippery slope and I'm not sure I can recommend an aggressive employee-tracking approach like this in good conscience.
Dig Deeper on Biometric technology
Related Q&A from Mike Rothman
The CISSP certification can be a challenge to obtain. Mike Rothman unveils how to get on the right education and career tracks in order to get CISSP ... Continue Reading
In the world of security certifications, what is the GISP and how alike is it to the CISSP? In this security management expert response, learn about ... Continue Reading
Depending on your enterprise, it may or may not be necessary to utilize a QSA. In this security management expert response, learn how to determine ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.